diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-25 19:11:42 +0100 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-25 19:15:04 +0100 |
commit | 516760a6fb82ec856ca0eecc8fa637ebfd4852e9 (patch) | |
tree | 92e3fdb810653986162a9094df508ba6762541ba /nixos | |
parent | 2a939c4b21bd408f6fc07e23b2b98d6b73b0dec1 (diff) | |
download | nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.gz nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.bz2 nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.lz nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.xz nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.zst nixpkgs-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.zip |
nixos/acme: add random delay to timer
This way we behave like good citizens and won't overload Let's Encrypt with lots of cert renewal requests at the same time.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/security/acme.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 726e5471141..4e7c966a463 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -284,6 +284,8 @@ in OnCalendar = cfg.renewInterval; Unit = "acme-${cert}.service"; Persistent = "yes"; + AccuracySec = "5m"; + RandomizedDelaySec = "1h"; }; }) ); |